From d169d3dd513a8f8455fd64295e32d52f0ab1dcb4 Mon Sep 17 00:00:00 2001 From: Wyatt Johnson Date: Wed, 16 Oct 2019 22:52:33 +0000 Subject: [PATCH] fix: allow unknown fields (#2640) --- .../passport/strategies/verifiers/sso.spec.ts | 21 +++++++++++++++++++ .../passport/strategies/verifiers/sso.ts | 2 +- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/src/core/server/app/middleware/passport/strategies/verifiers/sso.spec.ts b/src/core/server/app/middleware/passport/strategies/verifiers/sso.spec.ts index 2b118367f..94b01eca9 100644 --- a/src/core/server/app/middleware/passport/strategies/verifiers/sso.spec.ts +++ b/src/core/server/app/middleware/passport/strategies/verifiers/sso.spec.ts @@ -1,5 +1,6 @@ import { isSSOToken, + SSOTokenSchema, SSOUserProfileSchema, } from "coral-server/app/middleware/passport/strategies/verifiers/sso"; import { validate } from "coral-server/app/request/body"; @@ -51,4 +52,24 @@ describe("SSOUserProfileSchema", () => { expect(validate(SSOUserProfileSchema, profile)).toEqual(profile); expect(isSSOToken({ user: profile })).toEqual(true); }); + + it("allows unknown claims", async () => { + const extra = { + preferred_username: "username", + }; + const base = { + user: { + id: "id", + email: "email", + username: "username", + }, + }; + const token = { + ...extra, + ...base, + }; + + expect(validate(SSOTokenSchema, token)).toEqual(base); + expect(isSSOToken(token)).toEqual(true); + }); }); diff --git a/src/core/server/app/middleware/passport/strategies/verifiers/sso.ts b/src/core/server/app/middleware/passport/strategies/verifiers/sso.ts index cdd02db23..0bb292139 100644 --- a/src/core/server/app/middleware/passport/strategies/verifiers/sso.ts +++ b/src/core/server/app/middleware/passport/strategies/verifiers/sso.ts @@ -49,7 +49,7 @@ export interface SSOToken { } export function isSSOToken(token: SSOToken | object): token is SSOToken { - const { error } = Joi.validate(token, SSOTokenSchema); + const { error } = Joi.validate(token, SSOTokenSchema, { allowUnknown: true }); return isNil(error); }